The official site for Saudi CERT
ManageEngine Alert
3239
Warning Date
Severity Level
Warning Number
Target Sector
12 January, 2023
● Critical
2023-5420
All
ManageEngine has released security updates to address a vulnerability in the following products:
- Access Manager Plus
- 4307 and below
- Active Directory 360
- 309 and below
- ADAduit Plus
- 7080 and below
- ADManager Plus
- 7161 and below
- ADSelfService Plus
- 6210 and below
- Analytics Plus
- 5140 and below
- Application Control Plus
- 10.1.2220.17 and below
- Application Control Plus
- 10.1.2220.17 and below
- Asset Explorer - 6982 and below
- Browser Security Plus
- 11.1.2238.5 and below
- Device Control Plus
- 10.1.2220.17 and below
- Endpoint Central
- 10.1.2228.10 and below
- Endpoint Central MSP
- 10.1.2228.10 and below
- Endpoint DLP
- 10.1.2137.5 and below
- Key Manager Plus
- 6400 and below
- OS Deployer
- 1.1.2243.0 and below
- PAM 360
- 5712 and below
- Password Manager Pro
- 12123 and below
- Patch Manager Plus
- 10.1.2220.17 and below
- Remote Access Plus
- 10.1.2228.10 and below
- Remote Monitoring and Management (RMM)
- 10.1.40 and below
- ServiceDesk Plus
- 14003 and below
- ServiceDesk Plus MSP
- 13000 and below
- SupportCenter Plus
- 11017 to 11025
- Vulnerability Manager Plus
- 10.1.2220.17 and below
An attacker could exploit this vulnerability by executing arbitrary code remotely. The vulnerability requires that the appliance to have (SAML SSO) configured or enabled.
The CERT team encourages users to review ManageEngine security advisory and apply the necessary updates:
Rate the content
Share the page
